The breach that affected the LastPass password manager in December 2022 is believed to be linked to a theft of more than 4 million euros in cryptocurrencies. Cybersecurity researchers were able to establish a link.
If you follow the usual recommendations for IT securityyou are probably using a password manager. This digital safe allows you to store all your sesames without you having to remember them, which is extremely practical when you choose a different one for each site, which is preferable. There are many such programs on the market. Among them, LastPass is one of the best known.
In August then in December 2022, the manager suffered two significant cyberattacks, but without danger for users according to the firm. We quickly realize that LastPass largely underestimated the consequences of the breach: the pirates were able to recover part of the source code of the app and private user data, among others. But it does not stop there. According to cybersecurity experts, approximately 4.2 million euros in cryptocurrencies were stolen a few days ago, October 25 precisely. Theft believed to be linked to 2022 attacks.
LastPass flaw allows hackers to steal more than 4 million euros in cryptocurrencies
More than 25 people are affected. The information comes from ZachXBT and developer Taylor Monahan. “People who have had their cryptocurrency wallets stolen regularly contact us by private message. […] We ask potential LastPass victims several questions and we found one thing they all have in common, LastPass,” explains ZachXBT. According to the research carried out, the hackers managed to crack stolen passwords to access all the information necessary for the flight.
Read also – A hacker steals $1.5 million in cryptocurrencies using a technique as old as time
Passphrases, identifiers, encryption keys… Thus armed, they simply loaded the wallets on their own devices before emptying them entirely. If you have a LastPass account from at least June or November 2022, just before the attacks, it is strongly recommended that you change all your passwords, including the master password allowing access to the digital safe.
Source: BleepingComputer